I enclose the relevant log files. Just to note, Panda Antirootkit detected no anomalies, and I forgot to save a report for the AVG Antispyware (so I took screenshots, one of which I attach -- only 39 minor traces were found in all). Also, noting from findAWF that Comodo, Symantec and Spyware Terminator were infected, I uninstalled all 3 and installed Outpost, Avast! and AVG in their place.

Please could you let me know if I am now safe or what steps I need to take to solve the problems. Many, many thanks in advance.

Double-click FindAWF.exe to start the tool. Then, do the following
Select "option #2 - Restore files from bak folders" by typing 2 and press Enter .
A text file will open up. Please copy/paste the following text from the quote box (all except the word QUOTE) into the text file.

Thank you Rik, I really appreciate all your help. The folder deletions seem to have worked.

3 questions, please:
1) Could you please recommend a scan engine that can check for this horrid backdoor trojan to ascertain that I am now safe?

2) since changing my firewall/antivirus/antisyware combo yesterday, I have had the system crash with a blue screen twice, with a screen dump. Can I now revert to my previous trio (please see message 1 above in this thread).

3) can I now enter my online bank account, assuming the backdoor exploitation hole has been closed?

Question 1. There is no automated scanner that will detect it available at the moment.

Question 2. You may use any combination of software you like as long as you have just 1 antivirus program and just 1 firewall. Spyware scanners dont interfere with one another so you can have as meany as you like.

Question 3. No, not yet. We need to acertain that the threat is really gone and that there are no others present. As a precaution, you should change all your banking passwords but not use them until your pc is %100 clean.

I would like you to re-run step 1. This will show if your pc is clean of this one threat (more work is needed yet to ensure there are no others).

Here is a recap on those instructions.

Please download FindAWF to your Desktop.
Double-click FindAWF.exe to start the tool.
Select "option #1 - Scan for bak folders" by typing 1 and press Enter
When the tool has completed, a report will open up in notepad. Please post the results of the awf.txt as an attachment.

This thread is for the use of gyanprarthi only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Your system was infected with a trojan called Downloader.Agent.awf. It replaces legitimate files that are common on most computers with an infected file. Then, it moves the legitimate files to a bak or backup folder.

Running FindAWF allows us to identify the files that are infected, as well as the backups and then restore the files.

To finish, run Option 4.

Double-click the FindAWF icon once again.
Use the following option: Press 4 then Enter to reset domain zones.

When the program returns to the main menu, use the following option:
Press E then Enter to EXIT.

Next, follow the instructions below. I know it takes a while but it's better to be safe than sorry.

Thank you so much once again, Rik! After reading the 'have a read to decide whether or not to go for a clean or reformat', I decided that I should have done a reformat instead of a clean. I therefore formatted my hard drive and reinstalled Windows. I will be extra careful with my firewall and antivirus from now on. Any further suggestions will be very welcome.